New York Security User Group


Slides and Notes from our 10/14/09 meeting 

Oct 23, 2009 02:04 PM


10/14/09 Symantec Meeting Minutes
 
Attendees: Brian Wippich, Eric Sternberg, Steve Agnone, Frank Connors, Ed O'Connell, Vikas Bangia, Mark Medici, Sridhar Srinivasan, Nancy Jean-Charles, Sunitha Evany, Satish Matta, Val Vechnyak, Noel Guzman, John Mymryk, Keith Kotlarski, John Stockman, Mike Vaccaro, Saif Jafri, Ed Runowski, Paul Duval, Norman Menz, Michael Kordelski, Donald Closser, Jason Fenner, Jamie Johnson, Barbara Kish, Tim White, Lee Whitty, Tim Buffo
 
Discussion Items:
 
 
·          Training hosted by Val Vechnyak.
 
·          Main presenters were Jason Fenner and Tim White.
 
·          Topics covered by Jason Fenner – Agentless data collection in Windows and Unix Environments
 
Ø CCS General Architecture – Information server ensures communication between multiple platforms and databases.
 
Ø Agentless Architecture
 
o    Windows Environment
 
              Master query engines push data to slave query engines based on distribution rules, naming conventions, subnets and the number of atomic jobs/subprocesses that the query engine spawns off. Supports multiple engines and shortens the window for data collection from a number of agents.
 
o    Unix Environment – bv-control for Unix architecture
 
              No query engines. We can deploy agents. Need to register each target onto the information server and provide resource id and credentials. There are 3 methods of achieving this:
 
o    Psudo Method
 
o    Native Credentials
 
o    Certificate Method
 
      bv-control for Oracle architecture & bv-control for MS-SQL architecture
 
    Information server has hooks to both Unix and Windows – There is no query engine concept in Unix as mentioned above. We can turn auditing on the SQL server, at table level and in profiler. Don’t have to turn it on full if we don’t wish. We can turn auditing on and off for a specific time period.
 
    Bv-control for Exchange architecture – 05,07
 
    There are optional logs for tracking. Log consolidation into SQL server for offline reporting.
 
    RMS console – A demo of the RMS console was given. RMS stands for Risk Management System. It is used for gathering raw information and as an interface for ad hoc reporting. RMS returns the actual data, unlike ESM, where a specific error message is generated.
 
 
·          Topics covered by Tim White – Control Compliance Suite – 9.0 SP1 and Control Compliance Roadmap
 
 
o    CCS – 9.0 SP1
 
        
 
Control Compliance Suite is designed to store, analyse and report data using technical and procedural controls.
 
There are several enhancements to existing ESM implementation such as
 
§ ESM manager improvements
§ Increase in connectivity resources
§ Offline agent checks
§ Job Throttling, parallel setup
§ Reduce CDB corruption
§ ESM console performance improvement
§ Graphs on demand
§ Specific Object refresh
§ Configurable refresh on job completion
 
CCS 9.0 has direct hooks to the ODBC data provider system. It collects data and stores it in a repository for reporting. Data is analyzed for pass or fail checks and compliance violations are flagged. CCS 9.0 mirrors written security standards as opposed to Cognos reporting where the final report should be present in the ESM format. Scopes are broadly defined in CCS rather than just the red, yellow and green messages in ESM.
 
 
Demo of the CCS 9.0 SP1 console was given.
 
 
·          Control Compliance Roadmap:
 
Comparison between the different versions Oban(9.1), Sulu and Kirk was offered.
 
Oban(9.1) is in the works, Sulu will be next and Kirk will be the advanced version that needs to be worked on in the future.
 
 
·          Plans for next meeting:
 
Dates - TBD
 
      Time - TBD
 
      Location - TBD
 
     
·          Topics suggested for next presentations:
 
       TBD
 
 
ACTION ITEMS:
 
·          Apply for Director position to New York Security and Compliance Usergroup if anyone is interested.
·          Go to www.symantec.com/connect to redeem points and get gifts.
 
Thanks & Regards,
Sunitha Evany

Attachment(s)
ppt file
CCS 9.0.1 Update.ppt   4.21 MB   1 version
Uploaded - Mar 16, 2020

Comments

Oct 23, 2009 04:09 PM

Thanks so much to Sunitha for taking detailed notes and Nancy for posting on the website!
